Security teams need visibility that keeps pace with change. Every day, new exposures can appear, and remediations need to be reflected quickly, so risk decisions are based on the most accurate data. Priority Scanning was built to give you exactly that: fresher, more reliable insights into your external attack surface, every single day.
Priority Scanning is a capability powered by GROMA that delivers daily monitoring of your attributed external attack surface. This ensures your findings and remediations are continuously refreshed, providing the most accurate picture of your security posture.
What Priority Scanning Does
With Priority Scanning, your attributed assets are scanned daily across the most critical diligence risk vectors:
- SSL configuration,
- SSL certificates,
- server software,
- open ports, and
- patching cadence.
This means your view of findings is no longer bound to longer scanning cycles. Instead, your results reflect what’s happening now:
- New exposures surface quickly, giving you more time to respond.
- When you fix issues, you see the improvement the next day.
- Findings and their end-dates stay in sync, so there’s no gap between action and recognition.
Priority Scanning vs. Rescan
It’s important to distinguish Priority Scanning from the Rescan feature you may already use:
- Rescan: a manual, on-demand validation of specific findings you select.
- Priority Scanning: automatic, daily monitoring of your entire attributed attack surface.
They work together: rescans give you immediate confirmation when you need it, while Priority Scanning ensures your broader asset inventory stays continuously updated.
Priority Scanning is included with the Security Performance Management EASM Enhanced module.
Frequently Asked Questions
What is Priority Scanning?
Priority Scanning is a capability that continuously monitors your external attack surface. It automatically scans your attributed assets every day across the most critical diligence risk vectors. This ensures that findings and remediations are always fresh, so you have an up-to-date view of risk.
How is this different from the standard scanning process?
With the standard process, scans are spread across millions of organizations and can take longer to return to the same asset. With Priority Scanning, your attributed assets are checked daily for the most impactful diligence risk vectors. The benefit is simple: faster detection, quicker feedback, and more confidence in your results.
Which risk vectors are included in Priority Scanning?
Priority Scanning covers the diligence vectors that typically drive the highest number of findings:
- SSL/TLS configuration
- SSL certificates
- Server software
- Open ports
- Patching cadence
Other vectors continue to be monitored on their existing schedule.
Will this change impact my Bitsight rating?
Only in the sense that findings may appear sooner than before. Priority Scanning simply brings forward rating changes that would have occurred anyway. The benefit is that these issues surface earlier, giving you the chance to act faster and reduce real risk.
Just as importantly, once you remediate, that improvement is also recognized faster, often the very next day. Priority Scanning ensures that you'll quickly find out about any security issues and remediate them before exploitation.
How is Priority Scanning different from a Rescan?
- Rescan: You manually request it to validate a specific finding or a small set of findings. It’s immediate, but limited in scope.
- Priority Scanning: Runs automatically, every day, across your entire attributed attack surface. It doesn’t require any action on your part.
Together, they give you both broad continuous monitoring and pinpoint, on-demand validation.
Will this increase the number of findings I see?
Daily scans mean findings may appear sooner. These findings indicate the presence or absence of exposure risk. Remediation credit is applied immediately once a finding is fixed. If a finding remains unfixed (or no fix is detected), its lifetime will reflect this.
How does Priority Scanning help with remediation?
Remediations are detected on the next daily scan. Instead of waiting for the next scanning cycle, you’ll see your fixes reflected quickly, and the associated findings will close sooner. This shortens the gap between action and recognition.
Please note that how quickly a remediation is reflected in the platform still depends on the behavior of the individual risk vector. For example, in the Open Ports risk vector, closed UDP ports are marked as closed 60 days after the finding’s last seen date (closed UDP ports are undetectable).
Does Priority Scanning cost extra?
No. Priority Scanning is included as part of the Security Performance Management (SPM) EASM Enhanced module.
Do I need to enable or configure anything?
Priority Scanning operates automatically in the background once your organization is enrolled, requiring no additional configuration. During the rollout, all customers will receive notifications both before and after Priority Scanning is applied to their accounts. Subsequently, Priority Scanning will become the default standard for all customers utilizing the EASM Enhanced module.
Can I opt out?
Priority Scanning is optional. You may request to opt out via support@bitsight.com. Please note, however, that opting out means returning to the longer scan cycle. Some exposure risks will take longer to be discovered, and remediations will also take longer to be credited.